190.93.243.5

Latin American and Caribbean IP address Regional Registry

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 190.93.243.5 is Latin American and Caribbean IP address Regional Registry and located in Uruguay. Currently there are 10 domain names that utilize this address. The primary domain hosted by this IP is ez-download.com along with 9 other domains which are known adware distribution web sites. The address and domain is leased to Quick Downloader.
Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.QuickDownloader.K, PUP.Installer.Ezdownload.V, PUP.Installer.FastDownloads.N, PUP.OUTBROWSE.H, PUP.Installer.QuickDownloader.M, PUP.Adlogica.FastDownloads.Bundler (M), PUP.Adknowledge.OptimumInstaller.Installer (M), PUP.Adlogica.QuickDownloader.Bundler (M), PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.Adknowledge.TINYINSTALLER.Installer (M), PUP.InstallCore.Installer.Installer (M), PUP.Adknowledge.PremiumI.Bundler (M), PUP.Adlogica.QuickDow.Bundler (M), PUP.Adlogica.FastDown.Bundler (M), PUP.Adknowledge.PremiumI.Installer (M), PUP.installCore.SecureIn.Installer (M), PUP.Adknowledge.OptimumI.Bundler (M), PUP.Adknowledge.TINYINST.Bundler (M)
75.61%

Dr.Web
Adware.InstallCore.133, Adware.Downware.2468, Adware.InstallCore.122, Adware.Downware.2081, Trojan.Packed.24524, Threat.Undefined, Trojan.Crossrider1.49350
53.66%

VIPRE Antivirus
InstallCore, Trojan.Win32.Generic, Threat.4150696, Threat.4778314, Threat.4786018, Threat.4784459
46.34%

ESET NOD32
Win32/InstallCore.BY potentially unwanted application, Win32/OutBrowse.L potentially unwanted application, Win32/OutBrowse.J potentially unwanted application, Win32/InstallCore.BL potentially unwanted application
41.46%

Sophos
Install Core, Ez Toolbar Downloader, OutBrowse Revenyou, Install Core Click run software, PUA 'Install Core', PUA 'iBryte Optimum Installer'
39.02%

avast!
Win32:PUP-gen [PUP], Malware-gen, Win32:Malware-gen, Win32:Adware-gen [Adw], Evo-gen [Susp], Win32:Installer-J [PUP], Win32:IBryte-BT [PUP], Win32:OutBrowse-CH [PUP]
39.02%

F-Prot
W32/InstallCore.R3.gen, W32/InstallCore.R.gen, W32/Outbrowse.B.gen, W32/A-dbe1ec51, W32/Ibryte.C.gen, W32/DomaIQ.G.gen, W32/S-53fc0c37
34.15%

Avira AntiVirus
ADWARE/InstallCore.Gen7, APPL/InstallCore.Y.92, APPL/Downloader.Gen, ADWARE/InstallCore.Gen9, Adware/InstallCore.AU.1, PUA/Outbrowse.Gen
31.71%

Vba32 AntiVirus
Downware.InstallCore, Downloader.OutBrowse, SScope.Adware.OptimusInstaller.26607, Downloader.Agent, SScope.Malware-Cryptor.iBryte
26.83%

K7 AntiVirus
Unwanted-Program , Trojan
26.83%

The following domains resolved to the IP address 190.93.243.5.

File URLs download from 190.93.243.5.

 
Latest 30 of 873 download URLs

The geographical location of this IP address.

Country:
Costa Rica (CR)

Region:
San Jose

City:
San Jose

Coordinates:
9.93333, -84.0833

The ARIN network assigned organization for IP address 190.93.243.5.

Org name:
Latin American and Caribbean IP address Regional Registry

Org identifier:
LACNIC

Org country:
Uruguay (UY)

Org city:
Montevideo

Org address:
Rambla Republica de Mexico 6125

ARIN WHOIS:
NetRange: 190.0.0.0 - 190.255.255.255
CIDR: 190.0.0.0/8
OriginAS:
NetName: NET190
NetHandle: NET-190-0-0-0-1
Parent:
NetType: Allocated to LACNIC
Comment: This IP address range is under LACNIC responsibility for further
Comment: allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details, or check the
Comment: WHOIS server located at http://whois.lacnic.net
RegDate: 2005-06-17
Updated: 2010-07-21
Ref: http://whois.arin.net/rest/net/NET-190-0-0-0-1

OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/LACNIC

ReferralServer: whois://whois.lacnic.net

OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: 999-999-9999
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: http://whois.arin.net/rest/poc/LACNIC-ARIN

OrgAbuseHandle: LACNIC-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: 999-999-9999
OrgAbuseEmail: whois-contact@lacnic.net
OrgAbuseRef: http://whois.arin.net/rest/poc/LACNIC-ARIN


Autonomous System Assignment
ASNumber:
13335

ASName:
CLOUDFLARENET - CloudFlare, Inc.

ASHandle:
AS13335

Remove Malware from 190.93.243.5 - Powered by Reason Core Security